Why cloud security matters and why you can't ignore it

Cloud means handing over data and apps, but that doesn't mean giving up responsibility for security.

As convenient as cloud computing has become, it isn't without problems. Poor cybersecurity planning for cloud applications, such as allowing users to rely on simple passwords, failing to use multi-factor authentication or not applying patches and updates, can leave you vulnerable to attacks.

Managing cybersecurity was already a challenge for many organisations and their boardrooms: adding the cloud just widens the potential threat surface and increases the complexity for many.

That's especially the case for firms that might not even be aware of their cybersecurity responsibilities when it comes to cloud services.

"Sometimes we still have a perception by organisations that it's a set-and-forget-it mentality," says Jason Nurse, associate professor in cybersecurity at the University of Kent. 

"The reality is that, for many organisations, they view using the cloud as sort of handing over all responsibility on security and data protection," he adds.

But, he points out, a lot of responsibility still falls on these organisations to do things to ensure that they have the right setup, to ensure that they have the cloud configured correctly and that they don't have data "hanging around" that's not appropriately protected. 

The lack of understanding around configuring and securing cloud services can leave sensitive information exposed – potentially even directly to the open internet where anyone, including malicious cyber criminals, can see it. 

Courtesy: ZD Net